Sarah Abrams

We live in a time when cryptocurrency has friends in high places. In the following guest post, Sarah Abrams, Head of Claims Baleen Specialty, a division of Bowhead Specialty, considers the current environment for cryptocurrencies and examines the potential D&O liability and insurance implications. I would like to thank Sarah for allowing me to publish her article as a guest post on this site. I welcome guest post submissions from responsible authors on topics of interest to this site’s readers. Please contact me directly if you would like to submit a guest post. Here is Sarah’s article.

********************

In the same month that the Stablecoin Bill advanced to the US Senate, a Securities Class Action lawsuit (Coinbase SCA) was filed against publicly traded crypto exchange Coinbase following a stock drop after it disclosed that an unknown actor had bribed overseas customer service agents to gain access to users’ personal data. The presidential and legislative momentum in the United States to support cryptocurrency (Crypto), juxtaposed with the filing of a complaint for securities fraud case against a crypto exchange, feels illustrative of the crypto market’s swing in recent years.

What is different now, however, is that even banks have begun indicating that they will launch their own tokens if it becomes legal to do so. The proposed regulation of Crypto, a historically unregulated and often maligned asset, may usher in a new era of acceptable payments and investment opportunities for corporations.  In turn, there may be increased exposures for D&O underwriters, including causes of action stemming from the use of Crypto exchanges like Coinbase.  The following discusses a brief history of Crypto, the proposed Stablecoin Bill and the regulatory framework, and Coinbase SCA.

As an initial matter, understanding what Crypto is, how it is currently valued, and how the proposed legislation defines “digital commodities” provides context for what the future of money – and the associated risks to D&O insurers – may look like.

Crypto is a digital currency (coins or tokens) that is not reliant on any central authority, such as a government or bank, to uphold or maintain it.  Understanding the difference between Crypto coins and tokens is important because they each serve distinct functions in the cryptocurrency ecosystem.  While both Crypto coins and tokens can be bought and sold, they serve different purposes and functionalities.  

A Crypto coin can be used as a method of payment and is native to its own blockchain. A blockchain is a computerized database that uses the consensus mechanism of proof of work or proof of stake to secure transaction records, control the creation of additional coins, and verify the transfer of coin ownership.  Bitcoin, the original cryptocurrency, is a good example of a Crypto coin. It exists as a unit of value on its own ledger, and its value is influenced by supply and demand. 

On the other hand, a Crypto token is also a method of payment, but it is created and managed on top of an existing blockchain.  A token can represent assets (like real estate or gold), services, or voting rights within a specific ecosystem. Tokens are usually issued through initial coin offerings (ICOs).  Importantly, Stablecoins, the focus of the Stablecoin Bill, are tokens.  

Stablecoins are designed to maintain a stable level of purchasing power by being pegged to a reference asset like fiat money, exchange-traded commodities, or another cryptocurrency. The Stablecoin Bill defines a digital commodity as a commodity where the value is, or is reasonably expected to be, derived from the relationship of the commodity to a blockchain system.  The bill further outlines four ways a digital commodity can be linked to a blockchain system.

With this basic understanding of crypto currency and stablecoins in mind, it is important to consider next what regulatory oversight may be in store for digital currency. As an initial matter, the Stablecoin Bill began as the Senate Banking Committee’s Guardrails and Enforcement for Neutral Issuers of United States Stablecoins (GENIUS) Act. Note, this is different legislation from the STABLE Act bill passed by Committee in the House.  

The Stablecoin Bill, if passed, would clarify the jurisdictional boundaries between the Commodity Futures Trading Commission (CFTC) and the Securities Exchange Commission (SEC).  The CFTC would have exclusive jurisdiction under the Commodity Exchange Act (CEA) over most digital commodities transactions, including spot markets.  In short, the SEC’s current oversight over Crypto would be curtailed.

Digital commodities sold under an investment contract would not be a “security” and therefore would be excluded from the definition of investment contracts under existing securities laws enforced by the SEC. Additionally, the Stablecoin Bill provides a framework for blockchain systems to avoid certain SEC reporting requirements to become certified as “mature” blockchain systems.

With the Stablecoin Bill scaffold providing the optics of legitimacy and regulatory supervision, corporations may be tempted to begin integrating stablecoins as a method of payment or investment.  For D&O underwriters that might create exposure, especially if the stablecoin Crypto exchange has exposed vulnerabilities.

Just like traditional stock and commodities exchanges, cryptocurrency exchanges are also platforms that can facilitate the trading of different kinds of cryptocurrencies, including stablecoins.  What may create concern for D&O insurers of executives and companies that begin to leverage Crypto is the safety of the Crypto exchange hosting its stablecoins.  The facts alleged in the recently filed Coinbase SCA validate the fear of a lack of controls.

By way of background, Coinbase’s shareholders allege that the crypto exchange violated federal securities laws by omitting material risks about its U.K. subsidiary’s anti-money laundering (AML) control breaches and cybersecurity vulnerabilities. First, Coinbase delayed disclosing that its subsidiary CB Payments Ltd. (CBPL) was fined £3.5 million ($4.5 million) by UK regulators for repeatedly violating a 2020 agreement with the Financial Conduct Authority (FCA). In addition, Coinbase suffered a data breach involving overseas contractors who were allegedly bribed to steal customer information, including names and partial Social Security numbers.  Coinbase confirmed the breach in a May SEC filing.  The Coinbase SCA alleges that, once both the FCA violations and data breach were disclosed, Coinbase’s stock price fell more than 7%.

So, if a publicly traded Crypto exchange is vulnerable and has difficulty complying with regulations, is there exposure to a public company that owns stablecoins housed on that Crypto exchange?   Is it a breach of fiduciary duty when an executive directs company assets to be paid using a platform that also services “high-risk” customers?  Will regulators also have oversight over corporate stablecoin owners? 

All queries that could be associated with increased D&O underwriting exposure, even with the Stablecoin Bill likely ready to pass Congress and signed into law by this administration. In the meantime, a general understanding of Crypto is, and associated emerging risks for companies as excitement stablecoins continue to swell, may help inform insurer appetite. 

The views expressed in this article are exclusively those of the author, and all of the content in this article has been created solely in the author’s individual capacity. This article is not affiliated with her company, colleagues, or clients. The information contained in this article is provided for informational purposes only, and should not be construed as legal advice on any subject matter.